Page 1 of 1

[SOLVED] Validating unique username

Posted: Wed Jul 21, 2004 9:40 am
by dardsemail
I'm trying to create a validation page that allows me to validate the the user has entered data into the registration page (I'm working on ensuring that the formatting is correct and will do so later). I'd also like to have this validation page check for users in the table that have the same username and spit out an error to the user to select a different username if so.

Here's my code:

Code: Select all

<?php

	//Initialise and error string
	$errorString="";
	
		include ("connection/db.php");
		$_SESSION['userName']=$_POST["frm_username"];
		$formUsername = $_SESSION['userName'];
		echo $_SESSION['userName'];
		$query = "SELECT username FROM users_tb WHERE username = '".$formUsername."'";
		$result = mysql_query ($query);
		$numRows = mysql_num_rows ($result);

	
	//Clean and trim the POSTed valueds
	//foreach($HTTP_POST_VARS as $varname => $value)
	//	$formVars[$varname]= trim(clean($value,50));

	//Clean and trim the POSTed valueds
	foreach($HTTP_POST_VARS as $varname => $value)
		$formVars[$varname]= $value;
		
	//Validate the first name
	if (empty($formVars["frm_firstName"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The first name field cannot be blank.";
			
	//Validate the last name
	if (empty($formVars["frm_lastName"]))
		//Last name cannot be a null string
		$errorString.=
		"\n<br />The last name field cannot be blank.";
		
	//Validate the address1
	if (empty($formVars["frm_address1"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The address field cannot be blank.";	
		
	//Validate the city
	if (empty($formVars["frm_city"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The city field cannot be blank.";	

	//Validate the state
	if (empty($formVars["frm_state"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The state field cannot be blank.";	

	//Validate the postal
	if (empty($formVars["frm_postal"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The postal field cannot be blank.";	

	//Validate the username
	if (empty($formVars["frm_username"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The username field cannot be blank.";
		
		// Check to see if username exists already
		if ($numRows == ('1'));
		"\n<br />The username you have selected already exists. Please try another username.";
		
	//Validate the password
	if (empty($formVars["frm_password"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The password field cannot be blank.";	

	//Validate the email
	if (empty($formVars["frm_emailAddress"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The email field cannot be blank.";

	//Validate the email
	if (empty($formVars["frm_country"]))
		//First name cannot be a null string
		$errorString.=
		"\n<br />The country field cannot be blank.";

	//Now the script has finished the validation, check if there were any errors
	if (!empty($errorString))
	{
		//There are errors show them and exit.	
?>
The error codes for the blank fields work fine, but I can't get an error generated for an existing username. In fact, I don't even get a response on the echo $_SESSION['username']. I don't get it. What am I doing wrong?

Thanks!

Posted: Wed Jul 21, 2004 9:46 am
by JAM
JAM wrote:Where do you have session_start() ?

Posted: Wed Jul 21, 2004 10:19 am
by dardsemail
Good point - though I added it and am still not getting an echo value.

Posted: Wed Jul 21, 2004 10:24 am
by JAM
Worked here... Added some stuff to test it...

Code: Select all

<?php
    session_start();
   //Initialise and error string
   $errorString="";
   
      // commented out below for obvious reasons...
      // include ("connection/db.php");

      if (!empty($_POST['frm_username'])) {
          $_SESSION['userName'] = $_POST['frm_username'];
      } else {
          $_SESSION['userName'] = '-';
      }
      $formUsername = $_SESSION['userName'];
      echo $_SESSION['userName']; 

 // resulting in either '-' or 'inputed value' being echo'ed.
?>
<form method="post">
<input type="text" name="frm_username" />
<input type="submit" />
</form>
Note that I changed $_POST["frm_username"] to $_POST['frm_username'] and added a check to see if the $_POST actually was set.

Please do try the above yourself, and see what results you are getting. If there are differences, we should be aware of it from any messages produced...

Posted: Wed Jul 21, 2004 10:26 am
by Draco_03
session_start() Has to be at the BEGINING of your code
first line of your code should be

Code: Select all

<?php
session_start();
?>
Put that on the top of your page

Posted: Wed Jul 21, 2004 11:07 am
by dardsemail
I now have it solved...

Here it is:

Code: Select all

<?php

	//Validate the username
	if (!empty($formVars["frm_username"]))
		//First name cannot be a null string
		include ("connection/db.php");
		$query = "SELECT username FROM users_tb WHERE username = '".$formVars["frm_username"]."'";
		$result = mysql_query ($query);
		$numRows = mysql_num_rows ($result);
		if ($numRows == '1')
				$errorString.=
				"\n<br />A user has already selected that User Name. Please go back and try another User Name.";	


?>
This is nestled nicely among the other validations and seems to work beautifully.

Thanks for your help!

Posted: Wed Jul 21, 2004 1:32 pm
by AGISB

Code: Select all

if ($numRows == '1')
You might want to check if $numRows == '0' or $numRows >= '1' as it disables a possible error that might arise by some freak accident. If by some error (phpadmin mistake, hacking) someone changes a username and there are 2 same usernames you will be able to create number 3, 4, 5 ......


I know its quite unlikely for this to happen but I have seen a lot of coders look over tons of code to find an error like this.